In an interview with Infosecurity, Colven said that the key to combating financial fraud is to provide effective analysis of the mountain of data banks collected every day and determine which information raises a red flag. This would save banks money by detecting fraud earlier and save customers hassle from having to cancel and reissue their credit cards because of fraud. His company provides a fraud risk management products that performs this type of data analysis.
Detica and research firm Ipsos MORI conducted a survey of 1000 US residents about their banking experiences. Over 60% of the respondents believed that the responsibility for dealing with fraud lies with the banks, and only 6% felt it rests mainly with customers. In addition, 48% of respondents were concerned about the risk of fraud, and 14% had experienced actual or suspected bank fraud in the last two years.
Fewer than 1 in 10 US banking customers who experienced an actual or suspected fraud in relation to their bank account reacted by moving their business to another bank, signaling inertia among consumers and a reluctance to change banks, even in the face of fraudulent activity, the survey found.
“I wonder how those numbers would change if the customers bore more of the financial risk of the fraud. Right now, fraud is an irritation for customers. They know the banks are going to be the ones that bear the financial burden of the fraud. So they won’t lose their money. That is probably what is behind these numbers. This puts a lot of pressure on banks.”
A bank, however, cannot simply shift more of the financial burden to its customers because this would make it less competitive in the financial market place, he said. Banks compete aggressively on convenience, product innovation, and security. If security measures increase the costs of banking for customers, then they will switch banks.
Of particular note, 28% of respondents said they would be willing to allow their banks to share personal information about their finances if it helped to prevent fraud, but 34% said that they did not want charges to increase as a result of beefed up fraud prevention measures.
The willingness of bank customers to allow personal information to be shared could raise data privacy concerns. Colven said he believes that individual banks should collect as much information from customers as needed to prevent fraud. One way that banks collect information to fight fraud is through placing cookies on customers’ PCs.
“The cookie is very useful for the entire online transaction. It makes the process move smoother. So those cookies are there to stay. As long as that data stays within the banks walls, it can be very useful from a fraud perspective…to look for things like account takeover or manipulation,” he said, adding that the banking industry is seeing a significant increase in this type of fraud.
“If you start sharing this data across banks, that is when you get into some of the privacy concerns. My position is that as long as it is a computer analyzing the data, as long as the only data that is pulled out is unusual, this fundamentally protects the privacy of everyone except the fraudsters….I do get concerned when the data is delivered to other institutions, the government, or anyone else. This gives rise to a potential breach. However, solutions can be found to make it secure enough and aren’t too expensive,” he concluded.